Any person using a computer has almost certainly come across the term firewall, and knows it has something to do with the security of the system or the network.
The name firewall comes from a common architectural practice of placing a brick wall between two structures, to prevent a fire in one from spreading to the other.
Firewalls are hardware or software measures in your network or host, used to filter outgoing and incoming network traffic. A firewall provides a barrier to control the traffic.
It is the first line of defense against threats from public or internal networks, and it checks that confidential data stays in the network and doesn't leave it. In short, it inspects the outgoing traffic.
Types of firewall
1. Packet Inspection Firewall:
The packet inspection firewall inspects every packet that is either coming into the network or leaving it.
If a packet entering or leaving the network violates any rule, the firewall blocks that traffic; when no rule is violated, the firewall allows the traffic to pass through.
2. Application Filtering Firewall:
The application filtering firewall looks at the applications that are called by the traffic. In simple words, it controls input, output, and access from, to or by an application or service.
It operates by monitoring and potentially blocking the input, output, or system service calls that do not meet the configured policy of the firewall.
3. Stateful Firewall:
The stateful firewall maintains a state table for all the outgoing traffic, so that an incoming reply can be matched to the outgoing request it answers.
This firewall is configured to distinguish legitimate packets for different types of connections. Only packets matching a known active connection are allowed to pass the firewall.
Why should you use a firewall?
A firewall is used to protect the network by applying rules to it, so that traffic passes only under certain restricted conditions.
Firewalls can block traffic intended for particular IP
addresses or server ports.
Typically, companies set up their firewalls to allow incoming connections to port 80 for HTTP, which is the standard port used by Web servers.
Traffic from the trusted hosts or devices in a network would be allowed to traverse the firewall and connect to the Internet, allowing users to employ services such as FTP, email, etc.
Firewalls also provide protection against various malicious threats, including DoS attacks, in which the attacker tries to barrage a website with a huge volume of traffic (in short, flooding it with requests), which eventually brings the web server down, potentially allowing the attacker to break into it. From there, the attacker may be able to access other network resources.
DMZ
In common practice, most companies deploy two firewalls simultaneously, creating a DMZ (demilitarized zone): one firewall connects to the Internet, while the other connects to the internal network. In between is the DMZ, where companies put their public-facing Web servers. This is because, even if the attacker succeeds in hacking into the Web server via a DoS attack, the second firewall will prevent him from accessing the private corporate network.
It is the safest portion of the network, with only a few people having access to its configuration.
Default rules of a firewall
1:- Inbound rule:
The inbound rule filters traffic passing from the network to the local computer, based on the specified filtering conditions. In simple words, it blocks all access from outside, except responses to requests from the LAN side.
2:- Outbound rule:
The outbound rule filters traffic passing from the local computer to the network, based on the specified filtering conditions. In simple words, it allows access from the LAN side to outside.
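The state table from the stateful firewall section, combined with the two default rules above, as an added example that is not part of the original post. The packet model, the LAN range, the sample addresses and the 60-second idle timeout (one way to decide what counts as an "active" connection) are assumptions made for the illustration.

```python
import ipaddress
from collections import namedtuple

# A packet reduced to the fields a state table keys on (constructed model).
Packet = namedtuple("Packet", "proto src sport dst dport")

class StatefulFirewall:
    def __init__(self, lan_cidr, idle_timeout=60):
        self.lan = ipaddress.ip_network(lan_cidr)  # assumed LAN range
        self.idle_timeout = idle_timeout           # assumed: seconds a flow stays "active"
        self.state = {}                            # outbound request -> last-seen time

    def _in_lan(self, addr):
        return ipaddress.ip_address(addr) in self.lan

    def filter(self, pkt, now):
        """Return 'ALLOW' or 'DROP' for one packet seen at time `now` (seconds)."""
        # Expire idle entries so a finished connection cannot be reused later.
        self.state = {k: t for k, t in self.state.items()
                      if now - t <= self.idle_timeout}
        src_in, dst_in = self._in_lan(pkt.src), self._in_lan(pkt.dst)
        if src_in and not dst_in:
            # Outbound rule: LAN -> outside is allowed and recorded in the table.
            self.state[pkt] = now
            return "ALLOW"
        if dst_in and not src_in:
            # Inbound rule: allowed only if it mirrors a recorded outbound request.
            request = Packet(pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)
            if request in self.state:
                self.state[request] = now  # reply keeps the connection active
                return "ALLOW"
        return "DROP"  # unsolicited inbound, or traffic that should not cross

def demo():
    """Run four constructed packets through the filter and return the verdicts."""
    fw = StatefulFirewall("192.168.1.0/24")
    request = Packet("tcp", "192.168.1.10", 50000, "203.0.113.5", 443)
    reply = Packet("tcp", "203.0.113.5", 443, "192.168.1.10", 50000)
    unsolicited = Packet("tcp", "198.51.100.7", 443, "192.168.1.10", 50000)
    return [
        fw.filter(request, now=0),      # LAN host opens a connection
        fw.filter(reply, now=1),        # matching reply from the server
        fw.filter(unsolicited, now=2),  # no outbound request was made to this host
        fw.filter(reply, now=100),      # same reply after the entry has expired
    ]

if __name__ == "__main__":
    print(demo())
```

The third and fourth packets are addressed to the same LAN host and port as the accepted reply; they are dropped only because no matching entry exists in the state table at that moment.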
Also at: theblogshare.in